# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Reference: https://www.proofpoint.com/us/blog/threat-insight/ta2552-uses-oauth-access-token-phishing-exploit-read-only-risks
# Reference: https://otx.alienvault.com/pulse/5f74a49bc85684b52d86ea23

16720s.xyz
e1920.xyz
calyss.in
casperinfosystem.com
al-thawiya.com
i5320.xyz
mucla.in
ultimatetravel.in
printstockphoto.com
xs1920.xyz
akglass.in
e29120.com
nivedafoundation.org
r25820.xyz
ex171019.com
e180320.xyz
rr020920.xyz
e10220.com
#photobalkan.com
ccgdm.org
is15720.xyz
e18220.com
i3720.xyz
rs10720.xyz
x030720.xyz
dev.tvs.st
i10720.xyz
